Nie można otworzyć "Mój komputer"

Dla specjalistów Bezpieczeństwo
#1

Tak jak w temacie, nie mogę dostać się do dysków. Załączam loga z combo fixa. Pozdrawiam

ComboFix 08-07-15.4 - Cud natury 2009-01-01 11:54:53.2 - NTFSx86

Microsoft Windows XP Home Edition 5.1.2600.3.1250.1.1045.18.623 [GMT 1:00]

Running from: C:\Documents and Settings\Cud natury\Pulpit\combo-fix.exe

WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED!!

.

  • REDUCED FUNCTIONALITY MODE -

.

((((((((((((((((((((((((( Files Created from 2008-12-01 to 2009-01-01 )))))))))))))))))))))))))))))))

.

2008-12-06 02:08 . 2008-12-06 02:10 334 --a------ C:\WINDOWS\PowerReg.dat

2008-12-06 02:06 . 2008-12-06 02:06

2008-12-01 18:55 . 2008-12-01 18:56

2008-12-01 18:55 . 2008-12-01 18:55 1,700,352 --a------ C:\WINDOWS\system32\gdiplus.dll

.

(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2008-12-11 18:38 --------- d-----w C:\Program Files\eMule

2008-12-06 01:06 --------- d-----w C:\Program Files\Common Files\InstallShield

2008-12-03 18:01 --------- d-----w C:\Documents and Settings\Cud natury\Dane aplikacji\ipla

2008-11-30 11:36 --------- d—a-w C:\Documents and Settings\All Users\Dane aplikacji\TEMP

2008-11-30 11:22 --------- d-----w C:\Documents and Settings\Cud natury\Dane aplikacji\Pogo Games

2008-11-30 11:19 --------- d-----w C:\Program Files\Oberon Media

2008-11-28 16:01 --------- d-----w C:\Program Files\Battery miser

2008-11-27 18:32 --------- d–h--w C:\Program Files\InstallShield Installation Information

2008-11-27 18:27 --------- d-----w C:\Program Files\lg_guide

2008-11-27 18:26 --------- d-----w C:\Program Files\Yahoo!

2008-11-27 18:21 --------- d-----w C:\Program Files\VS Revo Group

2008-11-27 18:20 --------- d-----w C:\Program Files\Auslogics

2008-11-27 18:20 --------- d-----w C:\Documents and Settings\Cud natury\Dane aplikacji\Auslogics

2008-11-27 18:17 --------- d-----w C:\Program Files\CCleaner

2008-11-27 17:58 --------- d-----w C:\Documents and Settings\All Users\Dane aplikacji\Macrovision

2008-11-27 17:56 --------- d-----w C:\Program Files\Autodesk

2008-11-27 17:55 --------- d-----w C:\Program Files\Common Files\Autodesk Shared

2008-11-27 17:55 --------- d-----w C:\Program Files\AnswerWorks 4.0

2008-11-27 17:53 --------- d-----w C:\Documents and Settings\All Users\Dane aplikacji\Autodesk

2008-11-15 14:33 --------- d-----w C:\Program Files\ALLPlayer

2008-11-06 18:18 --------- d-----w C:\Program Files\AssaultCube

2008-11-04 20:34 --------- d-----w C:\Program Files\NAPI-PROJEKT

2008-11-01 21:56 --------- d-----w C:\Program Files\ivo

2008-10-23 12:42 286,720 ----a-w C:\WINDOWS\system32\gdi32.dll

2008-10-16 13:13 202,776 ----a-w C:\WINDOWS\system32\wuweb.dll

2008-10-16 13:13 1,809,944 ----a-w C:\WINDOWS\system32\wuaueng.dll

2008-10-16 13:12 561,688 ----a-w C:\WINDOWS\system32\wuapi.dll

2008-10-16 13:12 323,608 ----a-w C:\WINDOWS\system32\wucltui.dll

2008-10-16 13:09 92,696 ----a-w C:\WINDOWS\system32\cdm.dll

2008-10-16 13:09 51,224 ----a-w C:\WINDOWS\system32\wuauclt.exe

2008-10-16 13:09 43,544 ----a-w C:\WINDOWS\system32\wups2.dll

2008-10-16 13:08 34,328 ----a-w C:\WINDOWS\system32\wups.dll

2008-10-16 13:06 268,648 ----a-w C:\WINDOWS\system32\mucltui.dll

2008-10-16 13:06 208,744 ----a-w C:\WINDOWS\system32\muweb.dll

2008-10-16 01:02 668,672 ----a-w C:\WINDOWS\system32\wininet.dll

2008-10-03 10:04 247,326 ----a-w C:\WINDOWS\system32\strmdll.dll

.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Note* empty entries legit default entries are not shown

REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

“MSMSGS”=“C:\Program Files\Messenger\msmsgs.exe” [2008-04-14 18:21 1695232]

“Gadu-Gadu”=“C:\Program Files\Gadu-Gadu\gg.exe” [2008-03-20 11:04 2127296]

“BitComet”=“C:\Program Files\BitComet\BitComet.exe” [2008-07-17 14:50 2599224]

“IPLA!”=“C:\Program Files\ipla\ipla.exe” [2008-11-28 16:54 2697464]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

“IgfxTray”=“C:\WINDOWS\System32\igfxtray.exe” [2003-10-02 06:37 155648]

“HotKeysCmds”=“C:\WINDOWS\System32\hkcmd.exe” [2003-10-02 06:19 118784]

“SynTPLpr”=“C:\Program Files\Synaptics\SynTP\SynTPLpr.exe” [2003-09-12 07:19 110592]

“SynTPEnh”=“C:\Program Files\Synaptics\SynTP\SynTPEnh.exe” [2003-09-12 07:18 618496]

“KeybdUtility”=“C:\Program Files\On Screen Display\Hotkey.exe” [2004-05-24 17:15 73728]

“Adobe Reader Speed Launcher”=“C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe” [2008-01-11 21:16 39792]

“Lexmark 1200 Series”=“C:\Program Files\Lexmark 1200 Series\lxczbmgr.exe” [2006-07-13 12:33 57344]

“SunJavaUpdateSched”=“C:\Program Files\Java\jre1.6.0_06\bin\jusched.exe” [2008-03-25 03:28 144784]

“NeroFilterCheck”=“C:\WINDOWS\system32\NeroCheck.exe” [2001-07-09 11:50 155648]

“avast!”=“C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe” [2008-11-26 18:18 81000]

“batterymiser”=“C:\Program Files\Battery miser\batterymiser.exe” [2004-05-12 16:34 253952]

“IPOperator”=“C:\Program Files\IP Operator\IPOperator.exe” [2004-06-08 13:15 32768]

“AGRSMMSG”=“AGRSMMSG.exe” [2003-03-31 05:54 88267 C:\WINDOWS\AGRSMMSG.exe]

[HKEY_USERS.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]

“CTFMON.EXE”=“C:\WINDOWS\System32\CTFMON.EXE” [2008-04-14 18:21 15360]

“DWQueuedReporting”=“C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe” [2007-03-22 18:29 39264]

C:\Documents and Settings\Cud natury\Start Menu\Programs\Startup\

PowerReg SchedulerV2.exe [2008-12-06 02:10:51 256000]

UniSpiker-2.6.lnk - C:\Program Files\ivo\UniSpiker-2.6\uni_spiker-2.6.exe [2006-03-06 15:55:32 86016]

[HKLM~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]

“%windir%\system32\sessmgr.exe”=

“C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe”=

“C:\Program Files\Gadu-Gadu\gg.exe”=

“C:\Documents and Settings\All Users\Dane aplikacji\Kaspersky Lab Setup Files\Kaspersky Anti-Virus 2009\Polish\setup.exe”=

“C:\Program Files\eMule\emule.exe”=

“C:\Program Files\BitComet\BitComet.exe”=

“%windir%\Network Diagnostic\xpnetdiag.exe”=

“C:\Program Files\Mozilla Firefox\firefox.exe”=

[HKLM~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]

“15333:TCP”= 15333:TCP:BitComet 15333 TCP

“15333:UDP”= 15333:UDP:BitComet 15333 UDP

R1 aswSP;avast! Self Protection;C:\WINDOWS\system32\drivers\aswSP.sys [2008-11-26 18:17]

R2 aswFsBlk;aswFsBlk;C:\WINDOWS\system32\DRIVERS\aswFsBlk.sys [2008-11-26 18:17]

R3 tifm;tifm;C:\WINDOWS\system32\drivers\tifm.sys [2004-03-30 09:05]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2{cea9a440-c93e-11dd-b131-00e091033c88}]

\Shell\AutoRun\command - SYSTEM\S-1-5-21-1482476501-1644491937-682003330-1013\system32.exe

\Shell\open\command - SYSTEM\S-1-5-21-1482476501-1644491937-682003330-1013\system32.exe

.

**************************************************************************

catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net

Rootkit scan 2009-01-01 11:55:22

Windows 5.1.2600 Dodatek Service Pack 3 NTFS

scanning hidden processes …

scanning hidden autostart entries …

scanning hidden files …

scan completed successfully

hidden files: 0

**************************************************************************

.

Completion time: 2009-01-01 12:00:30

Pre-Run: 1,729,245,184 bajtów wolnych

Post-Run: 2,117,525,504 bajtów wolnych

116 — E O F — 2008-12-21 12:07:18

#2

otwórz notatnik i wklej

Z menu Notatnika -> Plik -> Zapisz jako -> Zmień rozszerzenie z .txt na wszystkie pliki -> zapisz pod nazwą Fix.reg

Uruchom ten plik, uruchom ponownie komputer

usuń ręcznie folder C:\Qoobox , usuń instalkę Combofix z dysku.

Przeczyść system Ccleanerem

Wykonaj optymalizację autostartu

Wyłącz i włącz przywracanie systemu na wszystkich dyskach. Instrukcja

Przeskanuj obszar całego komputera http://www.kaspersky.pl/virusscanner.html Daj raport z niego na forum

lub

Dr.WEB CureIt!